Elastic search

Question

Elastic search

I have two elastic search queries

To get information about a transaction for a specific day
For information about the transaction for all days

How can I combine these two requests into one request? I am struggling to write a subscription request for these two similar needs. Please help me to solve this problem. Thanks you

{
  "query": {
    "filtered": {
      "query": {
        "match": {
          "payment_type": "paypal"
        }
      },
      "filter": {
        "range": {
          "transaction_date": {
            "from": "2014-11-10",
            "to": "2014-11-10"
          }
        }
      }
    }
  },
  "aggs": {
    "daily_price_sum": {
      "sum": {
        "field": "price"
      }
    },
    "daily_post_sum": {
      "sum": {
        "field": "purchased_post_count"
      }
    }
  }
}


{
  "size": 0, 
  "query": {
    "match": {
      "payment_type": "paypal"
    }
  },
  "aggs": {
    "daily_price_sum": {
      "sum": {
        "field": "price"
      }
    },
    "daily_post_sum": {
      "sum": {
        "field": "purchased_post_count"
      }
    }
  }
}

+3

elasticsearch

Dibish 11 nov. '14 at 7:36

source to share

1 answer

bittusarkar · Accepted Answer · 2014-11-11T16:58:54+0000

If you are using ES versions less than 1.4.0, you can use Filter Aggregation . The request for the same looks like this:

{
   "size": 0,
   "query": {
      "match": {
         "payment_type": "paypal"
      }
   },
   "aggs": {
      "daily_price_sum": {
         "sum": {
            "field": "price"
         }
      },
      "daily_post_sum": {
         "sum": {
            "field": "purchased_post_count"
         }
      },
      "one_day_aggs": {
         "filter": {
            "range": {
               "transaction_date": {
                  "from": "2014-11-10",
                  "to": "2014-11-10"
               }
            }
         },
         "aggs": {
            "daily_price_sum": {
               "sum": {
                  "field": "price"
               }
            },
            "daily_post_sum": {
               "sum": {
                  "field": "purchased_post_count"
               }
            }
         }
      }
   }
}

But if you are using ES 1.4.0, you can use Filter Aggregation to make your query more compact. The request for the same looks like this:

{
   "size": 0,
   "query": {
      "match": {
         "payment_type": "paypal"
      }
   },
   "aggs": {
      "transactions": {
         "filters": {
            "filters": {
               "one_day": {
                  "range": {
                     "transaction_date": {
                        "from": "2014-11-10",
                        "to": "2014-11-10"
                     }
                  }
               },
               "all_days": {
                  "match_all": {}
               }
            }
         },
         "aggs": {
            "daily_price_sum": {
               "sum": {
                  "field": "price"
               }
            },
            "daily_post_sum": {
               "avg": {
                  "field": "purchased_post_count"
               }
            }
         }
      }
   }
}

I can also see that you are not interested in queries, but only for the aggregation values. In this case, you can improve the performance of these aggregates by using the Query Query Cache , which is present in ES 1.4.0. To use it, turn on the query query cache, as described in the reference, and add the following operation _search

: search_type=count

.

Elastic search

More articles: